Keeper brute force attempt
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Goal
Detect a high number of failed login attempts for the user: {{@usr.email}} followed by a successful login.
Strategy
Monitor Keeper logs for a significant rise in failed login attempts along with successful logins for a user. This may indicate potential unauthorized access attempts or brute force attacks.
Triage and response
- Investigate the source of the failed login attempts to determine whether they are legitimate users experiencing issues or potential attackers.
- Analyze the patterns of failed login attempts for the user:
{{@usr.email}}, including IP addresses and timestamps, to identify any common characteristics. - Implement additional security measures, such as account lockouts or deactivations, multi-factor authentication enforcement, and notifications to users about suspicious login attempts.
